[squid-users] Squid Queries

Amos Jeffries squid3 at treenet.co.nz
Wed Apr 6 10:40:15 UTC 2016


On 5/04/2016 4:53 p.m., Supriya Prasad wrote:
> Hi Team,
> 
> I had some queries regarding the squid configuration:
> 
> 
> We are using squid as a cache for our CWS proxy. As we are aware of the
> max-forwards header, it decrements as it goes through each of the
> proxies.Currently, our CWS proxy and squid both decrement the max forwards
> header value when processing options requests. So if we send a max-forwards
> header of 5 from the client side, by the time is comes out of squid it
> shows 3. However as our proxy and squid is seen as 1 entity, we want the
> decrement to happen only once.
> 
> I went through a number of squid documentation and nowhere it mentions how
> to disable the max forward header from decrementing on squid. Could you
> please let us know what is to be done?

RFC 7231:
"
  Each intermediary that receives a TRACE or OPTIONS request containing
  a Max-Forwards header field MUST check and update its value prior to
  forwarding the request.
"
... notice the 'MUST' means mandatory behaviour. There is a goood reason
for that.

Regardless of whether you conceptually describe CWS + Squid as the one
"entity". They are in fact two different pieces of software. It is
entirely possible to create an infinite loop between just the two
pieces: CWS sends to Squid a request to send to CWS a request to send to
Squid a request to send to CWS ... and so on.
 The Via or Max-Forwards header are the only ways to protect against
that in regular traffic - and Via is optional.
 The Max-Forwards header is also the only way to target OPTIONS and
TRACE requests to diagnose the network behaviour in particular software
along the route. Adjusting it in undefined ways along the way will break
the protocol.

Amos



More information about the squid-users mailing list